2 Wikipedia will go secure to beat NSA surveillance

Just days after reports revealed thathttp://timesofindia.indiatimes.com/topic/National-Security-Agency (NSA) in the US actively looked at what people read on Wikipedia, Wikimedia Foundation announced on its website that it would implement HTTPS for logged-in users.

The foundation, a non-profit organization, manages Wikipedia. The S in HTTPS stands for secure.Two days ago, Guardian newspaper revealed that with the help of a tool called XKeyscore, NSA was monitoring web users who accessed Wikipedia, the world's 7th most popular website.

Wikimedia said that to start with, it would offer HTTPS connection to all logged-in users from August 21. It will then gradually roll-out HTTPS for all users as well as implement additional security measures to make it harder for governments to snoop on Wikipedia users. However, it did not specify any deadlines for the additional security measures.

Following the Guardian report, Jimmy Wales, the co-founder of Wikipedia, had revealed on Twitter that the website was planning to switch to HTTPS from HTTP but there were a few bugs that had delayed the process.

"Our current architecture cannot handle HTTPS by default, but we've been incrementally making changes to make it possible. Since we appear to be specifically targeted by XKeyscore, we'll be speeding up these efforts," Wikimedia said on its website.

On Friday Wales announced the Wikimedia decision and tweeted, "I challenge the rest of the industry to join us. Encryption is a human rights issue."

HTTPS is more secure compared to HTTP. Websites using HTTPS establish a secure connection between their servers and the user's computer and greatly minimize the privacy risk. The secure connection means that third parties like government agencies or internet service providers (ISPs) can not read the content of data that a website and its users exchange.

However, the government agencies, hackers and internet service providers can still collect this data and possibly read it if they can break the encryption.

Initially, only banks and other organizations mindful of cyber security risks used HTTPS. But gradually email service providers and e-commerce websites started using it on their login pages. Currently, popular websites like Google, Facebook and Twitter use HTTPS but the majority of websites, including big ones like Yahoo! still rely on HTTP.